LCCA
Coming Soon
Expected availability announced soon
This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.
LCCA
ISACA Lead CMMC Certified Assessor (LCCA) training equips senior assessors to lead teams, navigate complex assessment scenarios, enforce quality assurance, and determine certification outcomes, ensuring consistent CMMC compliance.
240
Minutes
150
Questions
500/800
Passing Score
${'member': 500, 'non_member': 500}
Exam Cost
Who Should Take This
It is designed for experienced CMMC Certified Assessors who have already achieved CMMC certification and now lead assessment teams. These professionals seek advanced guidance on handling multi‑domain challenges, maintaining audit quality, and making final certification determinations for diverse organizations across varied industries.
What's Covered
1
Domain 1: Assessment Team Leadership
2
Domain 2: Complex Assessment Scenarios
3
Domain 3: Quality Assurance and Consistency
4
Domain 4: Certification Determination
What's Included in AccelaStudy® AI
Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats
Course Outline
25 learning goals
1
Domain 1: Assessment Team Leadership
2 topics
Team composition and planning
- Design assessment team composition by matching assessor competencies, experience, and security clearance levels with organizational complexity and scope requirements.
- Develop comprehensive assessment plans that allocate resources, define timelines, assign practice responsibilities, and establish communication protocols for the assessment team.
- Apply leadership techniques to coordinate assessment activities, resolve team conflicts, and maintain assessment momentum across multi-day or multi-site engagements.
Assessment direction and oversight
- Apply assessment oversight procedures to monitor team progress, review evidence collection quality, and ensure methodology adherence during assessment execution.
- Evaluate assessor performance during engagements to identify coaching opportunities, ensure consistent evidence standards, and maintain assessment objectivity.
- Analyze assessment pace and scope coverage to make real-time adjustments to team assignments and evidence collection priorities.
2
Domain 2: Complex Assessment Scenarios
2 topics
Multi-site and complex environments
- Design assessment strategies for multi-site organizations that efficiently evaluate consistent security control implementation across geographically distributed locations.
- Evaluate complex scoping scenarios including joint ventures, outsourced security operations, and multi-tenant environments to determine appropriate assessment boundaries.
- Apply assessment techniques for cloud-hosted CUI environments including FedRAMP-authorized services, shared responsibility model validation, and customer responsibility matrices.
- Analyze interconnected system boundaries to determine assessment scope implications and security requirement inheritance across organizational trust boundaries.
Challenging assessment situations
- Apply dispute resolution techniques to manage disagreements between assessment team members and organizational personnel regarding practice implementation adequacy.
- Evaluate evidence ambiguity scenarios to make defensible scoring decisions when organizational implementations partially satisfy CMMC requirements.
- Design corrective action guidance for organizations that addresses identified deficiencies while maintaining assessor independence and objectivity boundaries.
3
Domain 3: Quality Assurance and Consistency
2 topics
Assessment quality review
- Apply quality assurance review procedures to verify that all assessment activities conform to CMMC Assessment Process requirements and organizational standards.
- Evaluate evidence documentation quality to ensure that scoring justifications are complete, consistent, and defensible across all assessed practices.
- Analyze scoring consistency across team members to identify and resolve discrepancies in practice evaluation standards and evidence interpretation.
Assessment report quality
- Apply report review procedures to verify assessment report completeness, accuracy, and compliance with CMMC reporting requirements before submission.
- Design assessment documentation standards that ensure reproducibility, traceability from evidence to scoring decisions, and compliance with record retention requirements.
- Evaluate lessons learned from completed assessments to identify process improvements, training needs, and methodology refinements for future engagements.
4
Domain 4: Certification Determination
2 topics
Certification recommendation
- Analyze assessment results across all 110 security requirements to synthesize practice-level findings into an overall certification readiness determination.
- Evaluate POA&M acceptability by assessing remediation plans for feasibility, timeliness, and adequacy in addressing identified practice deficiencies.
- Recommend certification outcomes including full certification, conditional certification, or certification denial with documented rationale and supporting evidence.
Stakeholder communication
- Apply executive briefing techniques to communicate assessment findings, certification recommendations, and remediation requirements to organizational leadership.
- Design post-assessment guidance that helps organizations understand their certification status, POA&M obligations, and continuous monitoring requirements.
- Evaluate C3PAO coordination processes to ensure seamless assessment delivery, quality standard adherence, and timely certification reporting to CMMC governance bodies.
Scope
Included Topics
- All domains and objectives for the Lead CMMC Certified Assessor (LCCA) designation covering assessment leadership, team management, quality assurance, and final certification determination responsibilities.
- Advanced-level CMMC assessment leadership including assessment team direction, resource allocation, quality review, and C3PAO engagement management.
- Assessment team management: team composition and skill requirements, task delegation, assessor performance evaluation, consensus building on scoring decisions, and inter-team coordination for large assessments.
- Quality assurance oversight: assessment methodology adherence, evidence review standards, scoring consistency verification, report quality control, and remediation guidance accuracy.
- Final certification determination: synthesizing assessment results across all practice families, evaluating POA&M acceptability for conditional certification, and making defensible certification recommendations.
- Complex assessment scenarios: multi-site assessments, joint ventures, outsourced security environments, FedRAMP-authorized cloud services, and organizations with CMMC Level 3 aspirations.
- Stakeholder management: organizational leadership briefings, C3PAO coordination, CMMC governance body communication, and dispute resolution procedures.
Not Covered
- Basic CMMC model knowledge and foundational ecosystem understanding (covered by CCP).
- Practice-level assessment techniques for individual security requirements (covered by CCA).
- CMMC curriculum development and training delivery methodology (covered by CCI).
- General project management methodologies beyond CMMC assessment context.
- Vendor-specific assessment management platform administration.
Official Exam Page
Learn more at ISACA
LCCA is coming soon
Adaptive learning that maps your knowledge and closes your gaps.
Create Free Account to Be Notified